A Sandbox Designed on User-level Virtualization Platform

Network has been widely applied in all aspects of life with time. Spread of malicious programs and harm thereof are also gradually increased with network. Sandbox provides high isolation environment for operation of suspicious program, thereby detecting malicious code effectively. However, there are some problems and disadvantages in sandboxes which are popular at present. Therefore, we establish a sandbox on user-level virtualization platform, which is called Dune[1]. The so-called user-level virtualization refers to a virtualization platform capable for providing direct and safe privileged operation for application programs. It is called Dune[1]. Compared with VMM [2] which provides support for operation system, Dune is more compact and lightweight. Meanwhile, sandbox, as an application program, is operated under dune, which can be operated under privileged mode by the aid of VT-x[3]. Privileged operation can be provided directly and safely, mode switch can be reduced compared with sandbox in the application layer in the aspect of intercepting API calls[4]. Experimental results showed that dune-based sandbox can guarantee higher performance on the basis of smaller scale.